Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/G80pQUKT-g9Pp0LQw6xT0S7aZis.roa
File: G80pQUKT-g9Pp0LQw6xT0S7aZis.roa (raw, json)
Hash identifier: KIPnE5oh1YN+kwqJPACQjrH2cJ94USbdKtPwCZEF3oo=
Subject key identifier: 1B:CD:29:41:42:93:FA:0F:4F:A7:42:D0:C3:AC:53:D1:2E:DA:66:2B
Certificate issuer: /CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Certificate serial: 01856F0B6BC9E4F19B7F3672B0F6D8BBE565
Authority key identifier: 8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/G80pQUKT-g9Pp0LQw6xT0S7aZis.roa
Signing time: Sun 01 Jan 2023 20:34:57 +0000
ROA not before: Sun 01 Jan 2023 20:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205164
IP address blocks: 185.214.192.0/22 maxlen: 32
2a0c:f600::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:6b:c9:e4:f1:9b:7f:36:72:b0:f6:d8:bb:e5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Validity
Not Before: Jan 1 20:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bcd29414293fa0f4fa742d0c3ac53d12eda662b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:01:76:df:9c:50:54:39:d6:70:9d:95:60:
e9:d7:0c:9b:35:f6:85:dd:7b:5d:87:74:f1:21:61:
4c:bd:ba:0b:f0:0f:71:58:77:b0:ca:62:a0:b7:47:
b5:e7:3d:4f:5a:92:92:2a:51:40:d8:99:d9:f5:93:
c3:64:b4:da:04:12:5d:6b:0f:b9:d6:08:f6:e5:c6:
b0:7a:46:be:7f:d5:55:f6:b8:48:24:96:27:fe:85:
6c:35:ea:2e:e2:2e:1e:de:f2:80:f0:37:fc:e2:0b:
84:e1:40:75:2c:1d:7d:1f:0b:16:a5:d1:5a:6e:ef:
7d:0c:b8:86:24:d4:12:30:68:96:17:78:97:56:98:
9e:63:37:59:0f:9e:28:6a:58:03:d3:f7:b9:24:a4:
16:fc:11:c0:c3:fd:04:e0:fc:6c:78:bd:86:fa:31:
f6:91:f2:58:34:c5:2a:aa:59:88:d9:8d:ca:b6:58:
7a:41:60:e9:ea:52:01:d3:26:87:52:39:46:37:c8:
94:01:a8:23:49:49:a9:18:51:86:c6:47:ec:73:09:
19:33:04:b8:07:14:69:6d:e6:0e:b2:7b:54:a8:b2:
27:21:ab:d1:70:d4:f7:b6:96:ed:0f:bf:58:91:f2:
3e:8f:7c:8c:76:72:44:69:fd:b2:47:94:fb:d5:34:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CD:29:41:42:93:FA:0F:4F:A7:42:D0:C3:AC:53:D1:2E:DA:66:2B
X509v3 Authority Key Identifier:
keyid:8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/G80pQUKT-g9Pp0LQw6xT0S7aZis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/ivwx82yXd3-Qa5PoOuZX8ArrMJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.192.0/22
IPv6:
2a0c:f600::/29
Signature Algorithm: sha256WithRSAEncryption
15:35:4c:57:b8:60:22:9a:da:b6:57:2c:bd:a3:a5:99:eb:01:
bf:0f:07:09:92:4e:ab:71:b8:24:b3:b0:04:fe:6e:ac:72:19:
75:68:1e:95:2e:94:9d:00:c3:80:a9:70:59:4b:2b:53:1c:6f:
cb:59:45:b8:fc:a1:83:d3:58:8b:47:90:11:64:01:5a:53:04:
b8:2f:39:e9:fd:6a:f9:08:da:71:4d:93:e0:1d:79:d5:39:4b:
ad:e5:6a:48:ec:e9:77:79:db:f1:dc:c2:ac:b8:9d:f7:28:98:
05:e3:15:68:2b:70:d9:36:6b:92:68:78:93:aa:12:11:0f:51:
df:b2:3a:ce:0c:de:f2:47:ca:31:a2:ba:eb:19:22:f7:ce:75:
5f:af:70:4d:a1:b7:b2:3b:c4:4c:38:c7:4b:38:44:86:cd:70:
4d:ab:ff:66:a2:8b:92:1f:98:06:37:b0:02:65:f3:b0:7a:8d:
bd:23:4c:8c:4d:da:2b:33:32:a5:57:8c:e7:2b:ae:d1:63:62:
43:df:d0:87:68:5c:3b:e3:01:5c:ee:e7:cd:ac:a1:d0:e7:fc:
4b:a8:2e:0d:71:99:ce:9d:b3:9a:65:ec:83:0d:95:5d:cc:3c:
b6:ba:d9:85:7c:f3:14:31:8d:ac:21:3c:f9:4b:c8:6b:e2:ff:
4f:a8:6a:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC2vJ5PGbfzZysPbYu+VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZmMzMWYzNmM5Nzc3N2Y5MDZiOTNlODNhZTY1N2YwMGFl
YjMwOTkwHhcNMjMwMTAxMjAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNkMjk0MTQyOTNmYTBmNGZhNzQyZDBjM2FjNTNkMTJlZGE2NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmawBdt+cUFQ51nCdlWDp1wybNfaF
3Xtdh3TxIWFMvboL8A9xWHewymKgt0e15z1PWpKSKlFA2JnZ9ZPDZLTaBBJdaw+5
1gj25caweka+f9VV9rhIJJYn/oVsNeou4i4e3vKA8Df84guE4UB1LB19HwsWpdFa
bu99DLiGJNQSMGiWF3iXVpieYzdZD54oalgD0/e5JKQW/BHAw/0E4PxseL2G+jH2
kfJYNMUqqlmI2Y3Ktlh6QWDp6lIB0yaHUjlGN8iUAagjSUmpGFGGxkfscwkZMwS4
BxRpbeYOsntUqLInIavRcNT3tpbtD79YkfI+j3yMdnJEaf2yR5T71TTyfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBvNKUFCk/oPT6dC0MOsU9Eu2mYrMB8GA1UdIwQY
MBaAFIr8MfNsl3d/kGuT6DrmV/AK6zCZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQt
MDcxMTY5NDAwMGEwLzEvRzgwcFFVS1QtZzlQcDBMUXc2eFQwUzdhWmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQtMDcxMTY5NDAwMGEw
LzEvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudbAMA0E
AgACMAcDBQMqDPYAMA0GCSqGSIb3DQEBCwUAA4IBAQAVNUxXuGAimtq2Vyy9o6WZ
6wG/DwcJkk6rcbgks7AE/m6schl1aB6VLpSdAMOAqXBZSytTHG/LWUW4/KGD01iL
R5ARZAFaUwS4Lznp/Wr5CNpxTZPgHXnVOUut5WpI7Ol3edvx3MKsuJ33KJgF4xVo
K3DZNmuSaHiTqhIRD1HfsjrODN7yR8oxorrrGSL3znVfr3BNobeyO8RMOMdLOESG
zXBNq/9moouSH5gGN7ACZfOweo29I0yMTdorMzKlV4znK67RY2JD39CHaFw74wFc
7ufNrKHQ5/xLqC4NcZnOnbOaZeyDDZVdzDy2utmFfPMUMY2sITz5S8hr4v9PqGo7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org